They're watching you! Hackers ARE able to capture video of people using porn websites before blackmailing them into handing over money

It's one of the oldest online scams around - 'hackers' claiming to have secretly filmed people through their webcams while they watch porn, and threatening to share the footage with their loved ones.
Most of the time these are just empty threats, in an attempt to get the victim to hand over money, but a new report reveals that the technology to do this does actually exist.
Security experts at Proofpoint claim to have found a piece of malicious software that allows hackers to capture video from their victims' webcams without them knowing.
The software, known as 'PsiXBot', only works on computers running Microsoft Windows, and is often loaded on to a computer without the user knowing. 

It can be installed through a disreputable website or by downloading a video, music file or software that is carrying it.
Once PsiXBot has been installed on the victim's machine, it sits in the background waiting for the user to open a web page with a specific pornography-related keyword in the title. 
This then triggers the software to start filming the user through the computer's camera. 
'PsiXBot has been around for several years but a new module has been added that allows hackers to capture video,' Proofpoint expert Werner Thalmeier told the German newspaper Bild.
'Now the threat is real and the program has already been distributed thousands of times,' he added. 
Once they have obtained the video, hackers will then threaten to send it to the victim's family if they don't hand over money - often in the form of untraceable Bitcoin.
They will threaten to send details of websites the user visited and everything they typed into their computer to a list of email addresses, social media accounts and other contacts stolen from the user, according to Proofpoint.  
The email will have a subject line along the lines of 'can publish everything', 'dirty video of you', 'I recorded you' or 'pervert'.  
Using the threat of sending video of a person watching an adult website is known as 'sextortion' and has been around a long time.  
According to Paul Ducklin, computer security expert at Sophos, hackers claiming to have your details are often bluffing.
In almost all cases, this is a lie, said Mr Ducklin, who explained that extortionists will convince you they have hacked your computer and gained access to cameras by feeding you some private information about yourself. 
This could be passwords they have simply gathered from a data breach and leak.  
Proofpoint said that anyone who receives a sextortion email should carry out a full virus scan  - which could take hours depending on the size of their hard drive. 
However Mr Thalmeier warned that the malicious software cannot always be detected in a scan.
'This software is a semi-professional tool and much more dangerous than, say, attacks with manipulated e-mails, because the hidden program on the computer can hardly be found with a virus scanner,' he said. 


The UK national reporting centre for fraud and cyber crime have published a number of simple steps to avoid getting caught out by a sextortion scam. 
  • Don’t reply to the email, or be pressured into paying: it only highlights that you’re vulnerable and you could be targeted again. 
  • The police advise that you do not pay criminals. Try flagging the email as spam/junk if you receive it multiple times.
  • Perform password resets as soon as possible on any accounts where you’ve used the password mentioned in the email. 
  • Always use a strong, separate password for important accounts, such as your email. Where available, enable Two-Factor Authentication (2FA).
  • Always install the latest software & app updates. Install, or enable, anti-virus software on your laptops & computers and keep it updated.
  • If you have received one of these emails and paid the fine, report it to your local police force. 
  • If you have not paid, report the email as a phishing attempt to Action Fraud.

Powered by Blogger.